f5cc84cd096e174605b08bc5d092a2fd_JaffaCakes118 | Triage

Sharing

General

Target

f5cc84cd096e174605b08bc5d092a2fd_JaffaCakes118
Size

594KB
MD5

f5cc84cd096e174605b08bc5d092a2fd
SHA1

08aecfe659ed39813d8457ed57e5514da35f0672
SHA256

fa7cddd00db835a258ec0fab9cad762d630a1542420730803992b9733bc81762
SHA512

9f8e896657c2f2e724930df913cb9f5eb1fb4316fab3e19b908e3f60a7a678c1ddc47fd9a266d36121dc8752c1019cc3602f630a877d1bdcd94b027d9c47dccd
SSDEEP

6144:Qw4jGBOsjuiglQfPuB7vL9Jae0Ha93l71Za1gC63GyMN49m13MTOHJYe/A3W3hpJ:94jIjuiLPyvL7apo38i3F9JSJYxmRa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5cc84cd096e174605b08bc5d092a2fd_JaffaCakes118

Files

f5cc84cd096e174605b08bc5d092a2fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d690bba71cdad6bcc879f4c6e70a2582

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

Sections

CODE
Size: 459KB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE